sNews SQL Injection

Exploit Title:sNews index.php SQL Injection Vulnerability Date: 2010-07-24 Author: MajoR Software Link: http://snews.awddesign.co.uk Version: N/A Tested on: Wnidows xp SP2 CVE : N/A ====================================================sNews index.php SQL Injection Vulnerability...

Joomla! Component YouTube 1.5 - SQL Injection

Exploit Title: Joomla "comyoutube" Sql Injection Vulnerability Date: 2010-07-24 Author: Forza-Dz Software Link: http://extensions.joomla.org/extensions/multimedia/ multimedia-channels/video-channels/12037 Version: 1.5 Tested on: windows-xp-sp2-fr : windows-xp-sp3-fr...

sNews 1.7 - 'index.php?category' SQL Injection

sNews v1.7 index.php?category SQL Injection Vulnerability Author : CoBRa21 Author Web Page : http://www.ipbul.org Dork: "Powered by sNews" Sql Injection: http://localhost/path/index.php?category=-3 union select 0,version,2,3,4,5,6,7,8 Thanks http://e-banka.org & http://www.cyber-warrior.org...

sNews (index.php) SQL Injection Vulnerability

Exploit for php platform in category web applications ============================================= sNews index.php SQL Injection Vulnerability ============================================= Author: MajoR Software Link: http://snews.awddesign.co.uk Version: N/A Tested on: Wnidows xp SP2 CVE : N/A...

Joomla! Component com_iproperty - SQL Injection

==================================================== Joomla Component comiproperty SQL Injection Vulnerability ==================================================== Author : Amine92 Email : [email protected] Homepage : www.vbhacker.net/vb DORK : inurl:"index.php?option=comiproperty"...

shopxp pinglun. asp page injection vulnerability-vulnerability warning-the black bar safety net

shopxp pinglun. asp page injection vulnerability Injecting the subject of the sentence exp 1=2 union select 1,2,3,4,5,6,7,8,9,10,11 from shopxpadmin...

Mozilla remote code execution with use-after-free in nsTreeSelection

Use-after-free vulnerability in the nsTreeSelection implementation in Mozilla Firefox before 3.0.19 and 3.5.x before 3.5.9, Thunderbird before 3.0.4, and SeaMonkey before 2.0.4 allows remote attackers to execute arbitrary code or cause a denial of service application crash via unspecified vectors...

Ad Network Script - Persistent Cross-Site Scripting

Ad Network Script - Persistent Cross-Site Scripting 1 1 0 I'm Sid3^effects member from Inj3ct0r Team 1 1 0 0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1 vendor URL :http://www.kaonsoftwares.com/ Price:330EUR :O Author : Sid3^effects aKa HaRi special thanks to : r0073r...

Design/Logic Flaw

Unspecified vulnerability in the Export component in Oracle Database Server 9.2.0.8, 9.2.0.8DV, 10.1.0.5, 10.2.0.4, 11.1.0.7, and 11.2.0.1 allows remote authenticated users to affect confidentiality via unknown vectors related to Select Any Dictionary...

CVE-2010-2724

Cross-site scripting XSS vulnerability in the Hierarchical Select module 5.x before 5.x-3.2 and 6.x before 6.x-3.2 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via unspecified vectors in the hierarchicalselect form...

Cross site scripting

Cross-site scripting XSS vulnerability in the Hierarchical Select module 5.x before 5.x-3.2 and 6.x before 6.x-3.2 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via unspecified vectors in the hierarchicalselect form...

CVE-2010-2724

The CVE-2010-2724 entry describes a Cross-site scripting (XSS) vulnerability in the Drupal Hierarchical Select module (5.x before 5.x-3.2 and 6.x before 6.x-3.2). Affected component: hierarchical_select form. Root cause implied: improper handling of input that allows an authenticated user with ad...

CVE-2010-2724

Cross-site scripting XSS vulnerability in the Hierarchical Select module 5.x before 5.x-3.2 and 6.x before 6.x-3.2 for Drupal allows remote authenticated users, with administer taxonomy permissions, to inject arbitrary web script or HTML via unspecified vectors in the hierarchicalselect form...

SA-CONTRIB-2010-072: Hierarchical Select - Cross Site Scripting

The Hierarchical Select module provides a "hierarchicalselect" form element, which is a greatly enhanced way for letting the user select items in a taxonomy. The module does not sanitize some of the user-supplied data before displaying it, leading to a Cross Site Scripting XSS vulnerability that...

Oracle SQL Injection

Реализация SQL инъекций в Oracle. Введение. В статье рассматриваются особенности реализации уязвимости инъекции SQL-кода в СУБД Oracle. Хотя в настоящее время редко можно встретить использование этой СУБД в Веб программировании, но все-таки такое случается. В статью внесены изменения и дополнения...

SQL inj: вывод данных, без указания имён столбцов

SQL inj: вывод данных, без указания имён столбцов Необходимые условия: MySQL = 4.0 нужно наличие оператора union SQL инъекция должна быть с выводом слепые инъекции не подходят Кол-во столбцов в уязвимом запросе = чем кол-во столбцов в таблице, данные из которой нужно вывести Достаточно большое...

PageDirector CMS - Multiple Vulnerabilities

PageDirector CMS - Multiple Vulnerabilities Exploit Title : PageDirector CMS Multiple Vulnerabilities Date : 20 - 6 - 2010 Author : Tr0y-x Vendor : www.customerparadigm.com Version : All Versions Tested on : Linux Home : WwW.SeC-WaR.CoM Price : 675.00 $ loooooolz -== SQL Injection Vulenrability =...

Joomla Component com_family SQL Injection Vulnerability

Exploit for php platform in category web applications ======================================================= Joomla Component comfamily SQL Injection Vulnerability ======================================================= 1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0 0 1...

SnowCade 3.0 - SQL Injection

/ - SnowCade v3 SQL Injection Vulnerability - ---Date : 2010-06-19 ---Author : ahwak2000 ---Email : z.u5athotmail.com - Script Info - ---Home : http://www.arcadecreate.com/ - Vulnerability - http://site.com/path/index.php?action=browse&cat=SQL INj...

Infront - SQL Injection

Infront - SQL Injection Exploit Title: Infront SQL Injection Vulnerability Date: 12-06-2010 Author: TheMaster Software Link: http://www.infront.com/ Version: N/A Tested on: Windows XP SP3 Author : TheMaster Dork : intext:Powered by Infront Type of attack : SQLi File : breakingnews.php Exploit Cod...